
It's important to understand that we could genuinely lose general purpose computing. I don't think it's in serious danger at the moment, but we've been in the midst of a slide in that direction for the last 10-15 years. Part of it is mobile phones, part of it is TPM, part of it is market forces. The latest turn is strictly political. We've really foolishly built the technology necessary for authoritarianism just a few years ahead of a general global trend towards authoritarianism. At the moment, anyone can use Linux; it's better and easier than ever. Will the laws of your country make it harder or more difficult to avoid? Will major vendors lock you out of basic functions? Will age verification require an agent run on your Windows or macOS computer? (or worse, require the use of a smart phone just to use the internet?)

We're not anywhere there yet, but we're closer than we've ever been, and things keep moving in the wrong direction.



I think it is unfortunate how many resources are put into making things secure with TPMs and how little resource is put into basically having secure and simple sandboxing...

All I really want is a computer that allows me to fully control the permissions and filesystem access of all the programs that I manually install on my system. Almost every program (in my case) needs 0 filesystem access outside of what it installed itself and shouldn't be looking or snooping at anything that isn't in its own process space.

I want a clear and simple way to limit the blast radius of how badly a program could actually screw up my system or have access to my files.

I recently experienced the opposite of this on Android, where I tried to install a very well reviewed ebook reader called MoonReader. But MoonReader seems to require complete access to every file on my Android device to work correctly. That is insane. I looked it up a bit more and it seems that Google has simplified (or something) permissions, but now there isn't much choice other than asking for full file access (I just want to give it access to one directory).

Anywho, just a minor vent, that we are insisting that the only way to make things secure is this sort of attestation path, but we don't spend any energy just making it possible to limit the blast radius of software on most OSes.


Another simple permission is network access. Why can't I restrict, say, a calculator app from accessing the internet on either iOS or Android?


How else are they going to get their “analytics” if they prompt permission for network access?


It's not 100% what you're looking for. Probably an 80% case.

But try looking into QubesOS. You create domains where applications can do whatever in the domain (a contained VM). So your personal domain is separate from your bank domain, which is separate from your media domain.

Of course, domains themselves can do naughty things. But they can't cross over to others.

And system resources are a separate domain, as is networking.

Some downsides - gaming is a no go mostly. And if you do SDR stuff, the USB domain is a heavy hit on performance. You really need dedicated machines for those things.


If you are working with Linux, then using Flatseal, you can configure permissions for Flatpak applications.

In which folders it can hide, which data to access, and which hardware resources to use.


Capability-based security and the principle of least privilege/authority...they become more relevant by the day.


> we could genuinely lose general purpose computing.

> At the moment, anyone can use Linux; it's better and easier than ever.

Maybe Linux will save us.

This was a fascinating thing to watch for me (PewDiePie telling people to install Linux): https://www.youtube.com/watch?v=pVI_smLgTY0

My bet is that the momentum is strong enough that:

- A critical mass of PC makers will continue to offer a Linux preinstalled option, or at least some path to installing Linux.

- If Windows and macOS take more rights away, it'll just help Linux's market share.

So Linux's share will probably grow not only because Linux is getting better but because the corpo OSes are trying to take away general purpose computing.


I love Linux, but if 90% of the US were on Linux the same commercial / political pressures would apply and Linux would just look like Android or ChromeOS. Can you run an alternate OS on your smartphone? Yes, but you can't run your banking app. Linux alone cannot save us.


But I don't want to run a banking "app" on my computer.

I am happy to use a browser on my computer to log into my bank's website.


If nobody participates in government, the banks and entertainment industry will get whatever they want, which is to lock down your computer into a portable kiosk.


Why the hell would the entertainment industry gaf about what I do with my computer? Moments away from complaining about jews


> why the hell would the entertainment industry gaf about what i do with my computer?

Piracy https://en.wikipedia.org/wiki/Widevine

They can't stop it, likely never will but they do keep fighting it.


but is Android locking down something because government?


What do you think happens behind closed doors at the WTO, Davros, TED anywhere immensely powerful meet up to discuss the world's future outside the view of prying eyes?


EU CRA (enforced Dec 2027) prohibits shipment of non-certified binaries for "critical" software, including firmware and hypervisors. Operating systems like Linux are categorized as "important" software, https://www.whitecase.com/insight-alert/cyber-resilience-act...


I might be wrong but I don't think that open source software is subject to the CRA. If you look at article (18) here [0] it seems to explicitly exclude free software that you download from the internet.

[0] https://eur-lex.europa.eu/eli/reg/2024/2847/oj/eng


That depends on the definition of "commercial activity". Some groups have influenced the legislation to exclude specific activity. Some supply chain roles, including developers who contribute patches, are excluded. Others can seek guidance on interpreting the legal text.

  - software that are not monetised by their manufacturers should not be considered to be a commercial activity. 
  - supply of products with digital elements qualifying as free and open-source software components intended for integration by other manufacturers into their own products with digital elements should be considered to be making available on the market only if the component is monetised by its original manufacturer. 
  - development of products with digital elements qualifying as free and open-source software by not-for-profit organisations should not be considered to be a commercial activity provided that the organisation is set up in such a way that ensures that all earnings after costs are used to achieve not-for-profit objectives. 
  - does not apply to natural or legal persons who contribute with source code to products with digital elements qualifying as free and open-source software that are not under their responsibility.


This doesn't in general inhibit hobbyists, and for the most part for companies it just adds some fairly sensible requirements around handling security vulnerabilities and making updates available. It is in theory a framework that could be used to add more onerous requirements in future, of course.


Death by a thousand cuts. TPM, secure attestation, age verification, DRM, and probably more things I'm forgetting right now.


Passkeys are another brick in this wall. The authors of the spec built in client software identification and attestation, which means authenticating parties can require you to only use certain, closed-source passkey clients. It's not hard to imagine a future where only blessed Passkey clients, such as Microsoft's, Apple's, and Google's implementations, are allowed by most services.


I think passkeys will be used against users. They’ll be used to attest to a user’s trustworthiness by tying authentication back to a real identity. Like another comment mentioned, you’ll end up needing something like a phone that’s locked down. Part of that will be authenticating with a verified ID IMO.

It’ll be incredibly easy to lock dissenters out of modern society. It’s too bad the vast majority of users will happily concede autonomy for a tiny bit of short term convenience.


I expect there will be backlash from non-technical users due to issues like the comment below where the passkey pushers fail to communicate where the keys are stored and thus users unexpectedly lose access to them.


Heh, I'm working on a blog post about this very topic. Passkeys are ... weird. There's a lot of potential for gatekeeping, where websites can indeed require you to use device-bound passkeys through device attestation, and where becoming a vendor requires interacting with the FIDO Alliance...

I would say "I'm sure they mean well", but given that parties like Yubico benefit from not getting more competitors, the cynic in me is a bit worried.
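
Added example, not part of any comment in this thread and not code from the WebAuthn spec or any passkey vendor: a Python parser for the WebAuthn authenticator data a client sends at registration, showing the fields the comments above refer to (the AAGUID that identifies the client or authenticator model, and the backup flags that distinguish device-bound from syncable passkeys). The function names, `rp_policy_reasons`, the AAGUID values, and `example.com` are constructed for illustration.

```python
import hashlib
import struct
import uuid

# Bits of the flags byte in WebAuthn authenticator data.
FLAG_UP, FLAG_UV = 0x01, 0x04   # user present / user verified
FLAG_BE, FLAG_BS = 0x08, 0x10   # backup eligible (syncable) / currently backed up
FLAG_AT = 0x40                  # attested credential data (AAGUID etc.) follows


def parse_authenticator_data(auth_data: bytes) -> dict:
    """Decode the fixed header and, if present, the AAGUID and credential ID."""
    if len(auth_data) < 37:
        raise ValueError("authenticator data is shorter than its 37-byte header")
    flags = auth_data[32]
    parsed = {
        "rp_id_hash": auth_data[:32],
        "user_present": bool(flags & FLAG_UP),
        "user_verified": bool(flags & FLAG_UV),
        "backup_eligible": bool(flags & FLAG_BE),
        "backed_up": bool(flags & FLAG_BS),
        "sign_count": struct.unpack(">I", auth_data[33:37])[0],
        "aaguid": None,
        "credential_id": None,
    }
    if flags & FLAG_AT:
        if len(auth_data) < 55:
            raise ValueError("AT flag set but attested credential data is truncated")
        (cred_len,) = struct.unpack(">H", auth_data[53:55])
        if len(auth_data) < 55 + cred_len:
            raise ValueError("credential ID runs past the end of the buffer")
        parsed["aaguid"] = str(uuid.UUID(bytes=auth_data[37:53]))
        parsed["credential_id"] = auth_data[55:55 + cred_len]
        # The COSE public key (CBOR) follows; it is not decoded here.
    return parsed


def rp_policy_reasons(parsed, rp_id, allowed_aaguids=None, require_device_bound=False):
    """Hypothetical relying-party policy: return the reasons a registration is refused."""
    reasons = []
    if parsed["rp_id_hash"] != hashlib.sha256(rp_id.encode()).digest():
        reasons.append("rp_id_mismatch")
    if not parsed["user_present"]:
        reasons.append("user_not_present")
    # Without a verified attestation statement the AAGUID is only self-reported.
    if allowed_aaguids is not None and parsed["aaguid"] not in allowed_aaguids:
        reasons.append("aaguid_not_allowlisted")
    if require_device_bound and parsed["backup_eligible"]:
        reasons.append("credential_is_syncable")
    return reasons


def build_sample(rp_id: str, flags: int, aaguid: str) -> bytes:
    """Construct sample authenticator data (not captured from a real client)."""
    cred_id = bytes(range(16))
    return (hashlib.sha256(rp_id.encode()).digest() + bytes([flags])
            + struct.pack(">I", 0) + uuid.UUID(aaguid).bytes
            + struct.pack(">H", len(cred_id)) + cred_id
            + b"\xa0")  # empty CBOR map standing in for the COSE key


# Constructed AAGUIDs, not those of any real product.
SOFTWARE_AAGUID = "11111111-2222-3333-4444-555555555555"
HARDWARE_AAGUID = "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
SYNCED = build_sample("example.com", FLAG_UP | FLAG_UV | FLAG_BE | FLAG_BS | FLAG_AT,
                      SOFTWARE_AAGUID)

if __name__ == "__main__":
    info = parse_authenticator_data(SYNCED)
    print(info["aaguid"], info["backup_eligible"])
    print(rp_policy_reasons(info, "example.com"))
    print(rp_policy_reasons(info, "example.com", {HARDWARE_AAGUID}, True))
```
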


> I would say "I'm sure they mean well",

Yeah, I wouldn't say that. It's clear from their public comments[1,2,3] that the spec authors don't believe the private key actually belongs to the user to do what they want with. They see services restricting what users may do with their own logins as a feature of Passkeys. It's really a shame it went in this direction. Replacing passwords with an easy-to-use keypair auth system would be a massive security improvement. But the Passkey ecosystem is poisoned at this point. Unless they remove the client ID & attestation anti-features, it should be considered a proprietary big tech protocol.

[1] Threatening an open-source passkey client with server-side bans because they don't implement passkey storage on the client device in the way the spec authors prefer. https://github.com/keepassxreboot/keepassxc/issues/10406

[2] Maintaining a list of "non-compliant" clients, including the above open-source one, presumably for use in server-side bans. https://passkeys.dev/docs/reference/known-issues/

[3] While writing an article about this on my website, I actually emailed the two involved spec authors on the above issue, politely asking how their interpretation of the Passkey spec could possibly be compatible with open source software. Neither replied.


It is particularly odd in the case of open-source clients (or indeed any client that runs outside of some very locked down hardware) because a) there's nothing that prevents the user exfiltrating keys anyway, and b) attestation also means relatively little for such an implementation.


Yes, the problems are obvious and the spec authors definitely know & understand the issues. Their refusal to have a public discussion about it indicates they just don't care, and their maintenance of a "naughty client list" shows Passkeys are intentionally hostile to user freedom.


Password managers are regulated as "important" software under EU CRA (Dec 2027).


Thankfully open source software is not subject to that, so FOSS password managers should be fine. Doesn't mean that other forces won't try to tear them down, however.



Yeah I hate this, installed a new CPU and none of my passkeys work. The browser asks my phone and they don't trust each other and not a damn clue how to fix it.


Don't store passkeys in hardware. They are more secure that way, but more dangerous if you lose them. Your passkeys were stored on the old CPU and are gone. If you do, you need to store on multiple devices like phone, tablet, and computer, but that is harder to manage.

Better to store passkeys in a password manager. Then they become more secure passwords. The big advantage is that they can't be phished, and sites don't use 2FA with them. It also means you can choose a password manager that you trust and that works better than Apple and Google.


Yep, big problem with them: most users have no idea where the thing that pops up and offers to store the passkeys actually stores them (sounds like in your case, in your computer's TPM, which was either on the CPU you replaced or complained and reset itself when the CPU changed). It's a ticking timebomb that all the 'users love passkeys! (after we nag them about it every time they login until they give up)' blogs fail to catch.


You could have used an open source client to manage your passkeys as you like, including backing them up in your own storage format. I wrote about it here: <https://www.smokingonabike.com/2025/01/04/passkey-marketing-...> I was quite excited about it... until I found out that the Passkey spec authors have warned that client that it may face server-side bans because it lets you manage your own private key how you want, and the spec authors think this is appropriate for servers to do. So I deleted all my Passkeys. Sigh.


Reading these comments, I'm happy to see that I'm not the only passkey skeptic.


You'll probably enjoy this article from one of the original creators of the Passkey ecosystem:

> Since then Passkeys are now seen as a way to capture users and audiences into a platform. What better way to encourage long term entrapment of users then by locking all their credentials into your platform, and even better, credentials that can't be extracted or exported in any capacity.

https://fy.blackhats.net.au/blog/2024-04-26-passkeys-a-shatt...

Fingers crossed the Passkey user experience remains so bad no one accepts them & they just die on the vine.


>secure attestation

And web attestation, which almost became a thing about a year ago. It is gone for now, but it will only be a matter of time before it decides to rear its ugly head again.


TPMs are not inherently evil. The problem is that they are implemented in a way that gives control over them to the companies rather than the users.


This! I think we were all too naïve in having "we would never let it happen, right?" be the motto for our complacency and inaction.

I hope more people come around and recognize that Richard Stallman deserves a big, resounding "you were right, we're sorry" after being attacked for his dislike of "trusted computing" and TPMs [0].

[0]: https://www.gnu.org/philosophy/can-you-trust.en.html


> We've really foolishly built the technology necessary for authoritarianism just a few years ahead of a general global trend towards authoritarianism.

Hum... It was foolish, but it was decades after the trend started.

Looks to me that the real trend was started mostly by the wide distribution of TV and the subsequent media consolidation (that happened everywhere).

Also, who is "we" here? Because it was exactly the authoritarian-wannabes that created most of it.


Oh wow... The idea of losing general purpose computing is a terrifying thought I've never considered before.


"The Coming War on General Computation", Cory Doctorow (2011).

Speech: https://www.youtube.com/watch?v=HUEvRyemKSg

Transcript: https://en.wikisource.org/wiki/The_Coming_War_on_General_Com...

(Of course, Stallman warned of this type of thing much earlier as well.)


Stallman is always right eventually. It's actually quite incredible.


[flagged]


He didn't assault anyone.

He said a bunch of things. They've all been collected here: https://stallman-report.org/

What I love about that report is that the author created it with the intention of making Stallman look bad. And if you look at the author's summaries, he looks bad. However, the author also did us the favour of collecting all the statements in one single place. And if you look at the things that Stallman actually said (as opposed to the author's summaries) he doesn't look bad, he looks strictly correct.



Yeah yeah but the reason why I link to that, is that if someone is interested they can with minimal effort find by themselves all the information to understand it was just a smear job.

Like, someone says "C assaulted B". And Stallman says "If A forces B to offer herself to C, C didn't assault B". Which is obviously correct. It could only be incorrect if you were redefining words to serve your purposes.


I got what you're trying to say, and I agree. I just added my link for completeness.


Ok, I'm confused here.

I had a look at what Stallman said and what Minsky allegedly did.

Apparently, Minsky had sex with one of Epstein's girls, who later said she was forced into it. Now, his wife denies the allegation, as she was apparently with him at all times on Epstein's island.

Now, I can believe that he went once, and maybe had sex with someone he didn't know was not doing so willingly. But, what about his wife? Was he cheating on her? Was she a part of it?

And why did he return a second time? And after Epstein's conviction in 2011???

And here comes Stallman, and he's not even denying that he's slept with someone, potentially cheating on his wife? His issue is with the wording?

Nobody in this situation looks good.


> His issue is with the wording?

Pretty obviously.

He is a weird, socially awkward, maybe autistic guy. And such people tend to be quite pedantic and focused on strange details that "normal" people just jump over.


See my sibling comment.

https://news.ycombinator.com/item?id=45722901

I disagree it's "pedantic". I think it's taking advantage of the system.


His issue is that saying "assault" to mean "sex with someone" is dishonest, even if that person is 17. Which it obviously is.

Any sane person hears "assault" and thinks that means "assault" instead it means something else.

What is happening is that the meaning of words is being changed for the purpose of using pre-existing laws. Example, you think that Bla is very bad and isn't punished enough by the law. There's law that severely punishes Fleem. So, whenever you see Bla you call it Fleem and argue that the anti-Fleem law applies. That way you can effectively re-purpose a law. Specific example: "catcalling" is now "sexual assault" in the UK. It's easier to do it this way, than to argue that people should be punished for catcalling.


Ok, but surely there are more important things going on there than the wording.

It feels like Stallman wants to defend his friend, but doesn't really have any way to do that. So, instead, he pivots to pedantry.

Like ok, assuming that Marvin really did not know, it's wrong to label him as a sexual assaulter(?). Though legally a sexual assault still occurred.

But, it still doesn't explain, justify or deny that he allegedly slept with someone, possibly behind his wife's back. And it also doesn't explain that they went *BACK* to Epstein's island after knowing he was a sex trafficker. And that presumably the girl he slept with might have also been trafficked.


> Ok, but surely there are more important things going on there than the wording.

Correct, it's the abuse of the legal system.

> Though legally a sexual assault still occurred.

Just because something is true legally doesn't mean it's ok, good, correct, moral or ethical.


If the victim really was coerced/forced, then there is no wordplay going on here. No legal tricks. No abuse of the legal system.

We're talking about sex trafficking, which we know did occur and Epstein was convicted of. Twice.

And possibly rape/sexual assault, even though the "perpetrator" did not know about it.

You're getting awfully close to defending Epstein there.

I also can't help but notice that you ignored everything else in my comment?


> If the victim really was coerced/forced

Coerced/forced by whom? Are you actually stupid or just pretending?


What do you mean by whom? This conversation isn't about Mickey Mouse. Epstein was convicted for trafficking (eg. coercing/forcing) women.


The specific point I'm talking about is the accusation of Minsky. To my point (and Stallman's) it doesn't matter if coercion was done by Epstein or Mickey Mouse.

Anyway, I get that you're confused. However, I've lost interest in talking to you.


It’s already happening.

Many big institutions lean heavily on mobile apps and other gated computing.

I live in BC Canada and by far the easiest way to authenticate a login to provincial sources involves using the BC ID App as a second factor, even when logging in via desktop. Many banks now also use their app as a second factor, rather than a generic OTP option that can run on any hardware.

There were also issues like running Netflix DRM in browser on Linux for a while.

General purpose computers won’t go away, but they will continue to be gated from more and more services until you are more or less required to have a phone or locked down ecosystem device.


> Many banks now also use their app as a second factor, rather than a generic OTP option that can run on any hardware.

This is one I’m willing to tolerate, as long as it’s optional. Something I don’t understand though is banking app setup. When I got a new phone this year, the RBC app made me submit some kind of live selfie.

The thing is, I know they can scan your debit card with NFC and authenticate the PIN. I’ve used it for a password reset in the past. Why is a selfie better than that when they presumably have nothing to compare it to?


Do you not use the bank's ATM or go into a branch ever? Why would they not have anything to compare it to?


Canada has strong privacy protections and norms.

It would be quite a scandal, legally and socially, if it was discovered that a bank was creating a database of images of their customers without consent.


That's quite interesting! So in Canada, it seems PIPEDA means the banks can't use ATM video footage to build client profiles. Cannot say the same for the US, unfortunately.

According to ChatGPT: Only Illinois, Texas, and Washington really constrain that, and Illinois is the only one with real teeth.


> Many banks now also use their app as a second factor, rather than a generic OTP option that can run on any hardware.

A financial institution I have an account with requires MFA to log in, and the only options they support are SMS MFA and their proprietary smartphone app. This is acutely annoying to me, because it means I have to get up and get my phone if I want to log into this site from my PC (or rig up a complicated Android emulator setup).


>At the moment, anyone can use Linux; it's better and easier than ever. Will the laws of your country make it harder or more difficult to avoid? Will major vendors lock you out of basic functions?

Somewhat related, but if x86 loses dominance it will be even more difficult if not impossible to install Linux or other alternate OSes on ARM devices. The majority of consumer ARM electronics make it hard enough, and normally require you to run a specific patched (and most likely outdated) Linux kernel in order to boot.

There are ARM devices which meet the ARM System Ready standard which allows you to boot whatever OS you want, but they are mostly enterprise devices such as servers. Cheapest one I've seen which your average consumer might buy was an ARM workstation with a starting price of about $1500.


Raspberry Pi and clones/alikes are ARM devices with perfect Linux support.


Raspberry Pi is one of the least open platforms around.

Broadcom SOCs preferred by Raspberry Pi require proprietary blobs to function, and much of their functionality is buried under a mountain of NDAs.


That's the current norm for GPUs, no? The Raspberry Pi just happens to use a SoC where the GPU is the primary processor. I wouldn't say it's worse - it's maybe slightly better but still close to par.


If you've ever looked at the plans for Absolute Zero 2050, they predict a world with no shipping or commercial air travel, among many other restrictions. That sort of thing could only be implemented under an authoritarian government. I think that's where all this is coming from.


I sincerely doubt it'll do much, but my next computer will not be Apple. Sadly, I just upgraded a year and a half or so ago, and sadly, good lord those damn ARM chips are nice.

So hopefully in 8 years or so when I need a new machine, there's some decent options available to me.

But nice ain't worth the cost when it comes at the expense of supporting something which is undermining everything else you believe in.


So it's just about incentives right? Who has the power to make these decisions, and what are they likely to decide, given their incentives?


* Government makes services available via auth app of their choosing.

* Auth app deploys to one or two app stores. No financial incentive to do otherwise.

* App stores remain within walled gardens. Tracking, DRM, proprietary drivers come with.


We're both closer than any of us believe. Insofar that ChromeOS is and isn't Linux, it's already locked down signed boot. But also we're further from it because general computing isn't going anywhere soon as long as people keep buying general purpose computers. Still until Qubes or similar sandboxed computing becomes the norm, blaming victims for getting malware onto their system only goes so far, and even if banks don't require it, regular people will start having a banking only computer because oh god please don't steal all my money.


[flagged]


Certainly there was more authoritarianism in past times, but we haven't previously had authoritarian movements at the same time that we've the internet and ubiquitous computing. Authoritarianism isn't meant to be a scare word; in the US, you have the total fecklessness of Congress, the expansion of the executive under every single president in the 21st century. (it's still authoritarianism even if some people like what is being done unilaterally by the executive. eg: both Trump and Biden sought and acted with expanded executive powers. Even if you like the outcomes, it's still actually quite bad. Neither party seems capable of imagining that someone they disagree with could be elected and use those same powers. It's baffling.) You have a lot of governmental changes in parts of Europe, etc.

I think it's pretty uncontroversial that there is a global trend towards authoritarianism, but I'm happy to hear other opinions.


Don’t think of it as one side against the other. It’s a dialectical process, two extremes, like communists and fascists, seemingly locked in mortal opposition, yet through their struggle, pushing the same totalitarian machinery forward. That old pattern feels disturbingly familiar today.


That’s a cute soapbox, but I fail to see what it has to do with software freedom.



